From mboxrd@z Thu Jan 1 00:00:00 1970 Authentication-Results: passt.top; dmarc=none (p=none dis=none) header.from=gibson.dropbear.id.au Authentication-Results: passt.top; dkim=pass (2048-bit key; secure) header.d=gibson.dropbear.id.au header.i=@gibson.dropbear.id.au header.a=rsa-sha256 header.s=202510 header.b=tBmNHyiG; dkim-atps=neutral Received: from mail.ozlabs.org (gandalf.ozlabs.org [150.107.74.76]) by passt.top (Postfix) with ESMTPS id BC7E15A0619 for ; Mon, 03 Nov 2025 23:21:32 +0100 (CET) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gibson.dropbear.id.au; s=202510; t=1762208489; bh=7s+X9eEZiug72oUYdYzr41Nv9AoM9opdkGpJJChIZCM=; h=Date:From:To:Cc:Subject:References:In-Reply-To:From; b=tBmNHyiGY+KlXprEY0zsaTHJrTiSerZ7JoaTFJbZV5cRmYAPF+IEJTijSo+n09ptO cd6I92m3CZ0SqBHZJZKdHjCWLNePjdP72TxKcDgF80iQ/uIVCYLPNOY8sfISyii3r5 0o5z2t1rvt3RnomOCbixJe+LnH65MGCSRvpyrSsJU4sfGh2rDPCnxKdo1MMWUJiprq sHZE3Cf8QX7EX1BffBPqE0H0D3ZXtE2T3qqmIQ0gTrnHe46gTxpa6RLCmMq39+moH1 WLQSgIMiIRnZmcovUR/UByA6Ms0HkXeS8olQnEH/C2jWCaQa4C8vWVVnN1n+UAPyZZ pXgpEW1AawT7g== Received: by gandalf.ozlabs.org (Postfix, from userid 1007) id 4d0mJn2pqrz4wC8; Tue, 04 Nov 2025 09:21:29 +1100 (AEDT) Date: Mon, 3 Nov 2025 23:36:14 +1100 From: David Gibson To: Laurent Vivier Subject: Re: [PATCH] seccomp.sh: Quote tr character ranges to prevent glob expansion Message-ID: References: <20251103120834.192683-1-lvivier@redhat.com> MIME-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha512; protocol="application/pgp-signature"; boundary="x0z16MJLT0RHkZTt" Content-Disposition: inline In-Reply-To: <20251103120834.192683-1-lvivier@redhat.com> Message-ID-Hash: VP6W5J6UN76O227BJBFV472PN2PHALU6 X-Message-ID-Hash: VP6W5J6UN76O227BJBFV472PN2PHALU6 X-MailFrom: dgibson@gandalf.ozlabs.org X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; emergency; loop; banned-address; member-moderation; nonmember-moderation; administrivia; implicit-dest; max-recipients; max-size; news-moderation; no-subject; digests; suspicious-header CC: passt-dev@passt.top X-Mailman-Version: 3.3.8 Precedence: list List-Id: Development discussion and patches for passt Archived-At: Archived-At: List-Archive: List-Archive: List-Help: List-Owner: List-Post: List-Subscribe: List-Unsubscribe: --x0z16MJLT0RHkZTt Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Mon, Nov 03, 2025 at 01:08:34PM +0100, Laurent Vivier wrote: > we use [a-z] and [A-Z] patterns with 'tr', but > if there are files with names matching these patterns they will be > replaced by the name of the file and seccomp.h will not be generated > correctly: > $ rm seccomp.h > $ touch a b > $ make > tr: extra operand '[A-Z]' > Try 'tr --help' for more information. > seccomp profile passt allows: accept accept4 bind clock_gettime close co= nnect epoll_ctl epoll_pwait epoll_wait exit_group > fallocate fcntl fsync ftruncate getsockname getsockopt listen lseek re= ad recvfrom recvmmsg recvmsg sendmmsg sendmsg sendto > ... > cc -Wall -Wextra -Wno-format-zero-length -Wformat-security -pedantic -std= =3Dc11 -D_XOPEN_SOURCE=3D700 -D_GNU_SOURCE -D_FORTIFY_SOURCE=3D2 -O2 -pie -= fPIE -DPAGE_SIZE=3D4096 -DVERSION=3D"2025_09_19.623dbf6-54-gf6b6118fcabd" -= DDUAL_STACK_SOCKETS=3D1 -DHAS_GETRANDOM -fstack-protector-strong arch.c a= rp.c checksum.c conf.c dhcp.c dhcpv6.c epoll_ctl.c flow.c fwd.c icmp.c igmp= =2Ec inany.c iov.c ip.c isolation.c lineread.c log.c mld.c ndp.c netlink.c = migrate.c packet.c passt.c pasta.c pcap.c pif.c repair.c tap.c tcp.c tcp_bu= f.c tcp_splice.c tcp_vu.c udp.c udp_flow.c udp_vu.c util.c vhost_user.c vir= tio.c vu_common.c -o passt > In file included from isolation.c:83: > seccomp.h:11:45: error: 'AUDIT_ARCH_' undeclared here (not in a function)= ; did you mean 'AUDIT_ARCH'? > 11 | BPF_JUMP(BPF_JMP | BPF_JEQ | BPF_K, AUDIT_ARCH_, 0, 80), > | ^~~~~~~~~~~ >=20 > Signed-off-by: Laurent Vivier Ouch. Reviewed-by: David Gibson > --- > seccomp.sh | 2 +- > 1 file changed, 1 insertion(+), 1 deletion(-) >=20 > diff --git a/seccomp.sh b/seccomp.sh > index a7bc417b9f6b..ba92b29d9a29 100755 > --- a/seccomp.sh > +++ b/seccomp.sh > @@ -22,7 +22,7 @@ IN=3D"$@" > [ -z "${ARCH}" ] && ARCH=3D"$(uname -m)" > [ -z "${CC}" ] && CC=3D"cc" > =20 > -AUDIT_ARCH=3D"AUDIT_ARCH_$(echo ${ARCH} | tr [a-z] [A-Z] \ > +AUDIT_ARCH=3D"AUDIT_ARCH_$(echo ${ARCH} | tr '[a-z]' '[A-Z]' \ > | sed 's/^ARM.*/ARM/' \ > | sed 's/I[456]86/I386/' \ > | sed 's/PPC64/PPC/' \ > --=20 > 2.51.0 >=20 --=20 David Gibson (he or they) | I'll have my music baroque, and my code david AT gibson.dropbear.id.au | minimalist, thank you, not the other way | around. http://www.ozlabs.org/~dgibson --x0z16MJLT0RHkZTt Content-Type: application/pgp-signature; name=signature.asc -----BEGIN PGP SIGNATURE----- iQIyBAEBCgAdFiEEO+dNsU4E3yXUXRK2zQJF27ox2GcFAmkIob0ACgkQzQJF27ox 2GeZvg/3U8KAjIUfkf68YBZLBMoKbvZW5UzTKRLVlrcovlpl0jYZZMi0PQmzExe5 U07RL4co/kTiwAUYCuW+pEb8WE6I8dhmTcoFgF8SxF5C4wFLEa5d+tCReg2iaI5x LawRNGLJfY9dZDQjOnU5s4kZNwr9sx4FdrLJVh5yw66q5IRK7unCpLHG9/yzMVzj CyLEM39zRWEgS8eRV8puDQNXgaPlCAZG1DKb17wAyQR8CMn+fxnvuS5D4XF2AkmT m46WuYuEgnEyazQTiIRaifut6WYogNzZOJ2P3KdD+L/7s6YRnlclMV4UFRxlZWGq TpBJjkquQR7mWKCmaKfJj/yBDKEQ+OgDeDqq9vKg/e2T0pZAKYKXLp07AIHVeL6+ v+kLZ0uye4CL+t5IodqM7ZT1NeQcdnl6r48S0lqRJpPiULi11B0WIQkmcv2iPNl7 LMrindcf1JuPW0uetBvPab/hDMVfNSmCa1S+/Fc7Ca4NNmMavou77I7WngwLqCwV 0VNubGUcr/O4pRnFK8UHw7G+NwnSY7av9tN/jfmrMErkiySfMq/I/U+0teMTfI9M rFE3HuhNJvD6VRnFyRfp82xcY3asdsLtzr4Rt+kyRJ5L8s5qkokCu8891LRIeVpX r4zgYjAUKL1gAVyaddhbLenF7Do51mSeqmp3YVvOT0VABdpAgQ== =vXrk -----END PGP SIGNATURE----- --x0z16MJLT0RHkZTt--